In which Ian Carroll casually compromises a Turkish root CA trusted by most browsers: https://ian.sh/etugra
Security concerns with the e-Tugra certificate authority
Certificate authorities (CAs) are a critical backbone of internet security; when they are compromised, users lose the ability to securely connect to websites without fear of interception. Websites cannot insulate themselves against a fully-compromised CA, even if they normally use other CAs.